ENCRYPTED E-MAIL READER AND RESPONDER SYSTEM,
METHOD, AND COMPUTER PROGRAM PRODUCT 

Background of the Invention 

Field of the Invention 
The present invention relates to electronic mail (e-mail) systems and more
particularly, to encrypted e-mail systems.

Related Art 

Electronic mail, also known as e-mail, is a widely used means of
communicating between communication devices such as computers. A conventional
e-mail system enables sending e-mail notes or e-mail messages much like a 
conventional postal letter from a source to a destination. For example, a sender 
could send an e-mail message including a return e-mail address to a receiver at the 
receiver's e-mail address on another computer through a network connecting the
computers. E-mail messages provide several advantages over conventional postal
mail, such as, for example, faster preparation time, faster delivery time, a simpler 
addressing scheme than using name, street address or post office box, city, state and 
zip code, and lower cost. E-mail systems can provide an efficient means of 
distributing information internal to and external from an enterprise or business. 

However, conventional e-mail systems have limitations when used in, e.g., a
manufacturing plant or production environment such as, e.g., a hospital, or retail 
business. For example, conventional e-mail systems require that each user have a 
computer with which to access the e-mail system. In a production or manufacturing 
environment, a machine operator often will not have access to a computer. Also, it
may be unsafe in certain environments to permit a worker to be distracted by e-mail
while performing tasks such as, e.g., monitoring a mission critical operation, such as 
where a worker is operating heavy machinery or a nurse in a hospital. Limitations of 
conventional e-mail systems can prevent many users within organizations from, e.g., 
accessing important corporate information, which is most efficiently distributed over
e-mail.

Historically, e-mail messages have included primarily text. Eventually, users
were able to attach files for delivery along with an e-mail textual message. Such 
attached files are often called "attachments." Many e-mail systems support attaching 
multiple documents to an e-mail message. Unfortunately, when an e-mail user 
desires to forward an attachment, the attachment is conventionally forwarded along 
with the message containing it causing the forwarded e-mail with attachment to be 
encapsulated within the new e-mail. 

One type of e-mail system is a client/server e-mail system. The e-mail system 
can use a centralized post office box that resides on a server somewhere on the 
network to which client e-mail user computers are attached. The post office box can 
be used, e.g., to store a message from a sender which can then forward the message 
later to a temporarily disconnected addressed receiver. The centralized post office 
can also permit messages to be centrally backed up on a periodic basis. With a 
client/server e-mail system, a portion of the e-mail generation program can reside on 
a client's computer (the computer of the sender or receiver), and another portion of 
the e-mail system can reside on a server computer. E-mail application software can 
run on a variety of operating systems and computer system platforms. 
Conventionally, e-mail messages are stored on the central server computer and are 
accessed via the client user computers. 

Another type of client/server e-mail system is known as "groupware." 
Groupware enables functions in addition to the communication capability of e-mail 
including, for example, project management, location independent cooperation and 
information accessibility links. 

Examples of e-mail systems include, for example, Lotus cc:Mail available 
from IBM, Outlook, Exchange, and MS Mail available from MICROSOFT of 
Redmond, Washington, USA, PROFS and OFFICEVISION available from IBM of 
Armonk, New York, USA, All-In-One from Compaq of Houston, Texas, USA, online 
service provider integrated e-mail systems such as, e.g., that provided by AMERICA 
ONLINE (AOL) of Vienna, Virginia, USA, the Internet Protocol's Simple Mail 
Transfer Protocol (SMTP), and various Internet based e-mail systems such as those 
available from JUNO and NETZERO. Examples of groupware include Lotus Notes 
available from IBM, Exchange available from MICROSOFT, Collabra Share
available from NETSCAPE, and Groupwise available from NOVELL. 

Early e-mail systems sent messages to users within an organization known as 
an intranet system, with little consideration taken to interacting with other e-mail 
systems or networks. An intranet is a term often used to describe a stand alone
network or group of networks which includes a related group of senders and 
receivers, such as, for example, the employees of a commercial company. 

Some intranet e-mail systems are equipped to inter-operate with other e-mail 
systems. Computers coupled by a network communicate by using communication 
software programs which in turn use a communication language or "protocol." Some
e-mail systems are implemented using a so-called "open systems" communications
method such as the transmission control protocol/internet protocol (TCP/IP) suite of
protocols. The TCP/IP protocol suite includes the SMTP e-mail functionality already 
mentioned. 

An internet (i.e. with a lower case "i") is a network which couples two
separate networks to one another. The global Internet (i.e. with a capitalized "I") is
an internet that grew out of a U.S. Defense Advanced Research Projects Agency 
(DARPA) project. The Internet originally served a largely technical audience 
composed of the military, government agencies, and academic researchers and
scientists. The original goals of the project were to allow researchers to share
computing resources and to exchange information, regardless of their locations, and 
to create a resilient, fault-tolerant wide area network (WAN) for military 
communications. The global Internet implements communication using the TCP/IP 
communications protocols. 

On-line service providers originally provided e-mail system access to
individuals via modem connections. On-line service providers include, for example,
American On Line (AOL), CompuServe, and Prodigy. Online services traditionally 
created offerings targeted toward home computer users. These providers often 
provided proprietary e-mail systems to connect their users to one another. In time,
users on proprietary on-line services were able to send messages to users on other
e-mail services via the Internet.

During the mid-1990's, commercial enterprises and individuals increasingly
discovered the benefits of being connected to the Internet, eventually creating a mass- 
market phenomenon. Today, although access is limited in some areas, most countries 
have ties to the Internet. Thus, the Internet has enabled widespread, standardized
intercommunication between users of disparate e-mail systems.

Small and medium sized businesses have many users who do not have
access to a computer with which to send and receive e-mail. Workers in various
professions including, e.g., healthcare workers in a hospital and retail, because of
their jobs, may not have access to conventional email. It is desirable that all
employees of a business have access to e-mail resources for such purposes as, e.g.,
for efficient distribution of information to employees from an employer. In many 
cases, it can be desirable that the employer not be required to purchase a computer for 
use by each of the employees. It is also desirable that the employer be able to filter 
out any junk e-mail, commonly known as "spam," being sent to the employees. It is
also desirable that employees such as, e.g., in a retail business, production, or
operations such as a hospital, not be permitted to access their e-mail at all times in 
order to maintain high worker productivity. 

Conventionally, when a sending user of an e-mail desires to send an encrypted 
e-mail message to a receiving user, unfortunately, the sending and receiving users
must either be on compatible e-mail systems or must go through complex set up and
configuration procedures prior to sending the encrypted e-mail message. 
Conventional e-mail systems can be complex to configure. 

Conventional e-mail systems lack standardization in handling of encryption. 
Thus, what is needed is an improved e-mail system that allows for the
encryption, sending, receiving and decryption of e-mail in a heterogeneous network
environment.

Summary of the Invention 

A method, system, and computer program product are provided that enable
receiving users on a different e-mail system than a sending user to read and respond
to encrypted email.

In an exemplary embodiment of the present invention a reader-responder
module can allow a receiving user to read and respond to an encrypted e-mail created 
by a sending user using a different type of e-mail system than the e-mail system used 
by the receiving user. 

In an exemplary embodiment, the receiving user, using the reader-responder
module, can be provided with a sub-set of the functionality of the sending user's
e-mail system. In an exemplary embodiment, the sub-set of functionality can include
reading messages from users of the sending user's e-mail system. In an exemplary 
embodiment, the sub-set of functionality can include sending messages to users of the 
sending user's e-mail system, such as, e.g., the sending user. 

In an exemplary embodiment, use of the reader-responder module by the
receiving user can be allowed for no fee. 

Advantageously, the receiving user, in one exemplary embodiment, in 
exchange for a transaction amount, can be provided with the full set of functionality 
of the sending user's e-mail system. 

In another exemplary embodiment, a method, system, and computer program 
product can be provided that can enable a receiving user of a first e-mail system to 
read and respond to an e-mail sent from a sending user, where the e-mail was created 
on a second e-mail system, and where proprietary features of the second e-mail 
system are provided to the receiving user. 

In an exemplary embodiment, the proprietary features are encryption features.
In an exemplary embodiment, the encryption features support a 128 bit public/private
encryption system. In an exemplary embodiment of the present invention a
reader-responder module can allow the receiving user to read and respond to the e-mail
created by the sending user on the second e-mail system. 

In an exemplary embodiment, the receiving user, using the reader-responder 
module, can be provided with a sub-set of the functionality of the second e-mail 
system. In an exemplary embodiment, the sub-set of functionality can include 
exchanging messages with users of the second e-mail system. In an exemplary 
embodiment, the sub-set of functionality can include creating and sending messages 
to users of the second e-mail system.

In an exemplary embodiment, use of the reader-responder module by the
receiving user can be provided for a nominal, or no fee. 

Advantageously, the receiving user, in one exemplary embodiment, in 
exchange for a transaction amount, can be provided with the full set of functionality
of the second e-mail system.

In an exemplary embodiment of the present invention, a method of
distributing and initializing an encrypted electronic mail (email) software application
for exchanging secure email, includes the steps of: obtaining by a first user a license
for an email client software application program having public/private encryption;
requesting by the first user that a second user download a reader/responder software
application program in order to exchange encrypted email between the first user and
the second user; downloading and installing the reader/responder software application
program by the second user; sending an email by the second user to the first user
including embedding an unencrypted public key by using a send key function of the
reader/responder software application program; receiving the email from the second
user by the first user, wherein the unencrypted public key is embedded in the email;
responding by the first user by sending a second email to the first user, where the
reader/responder software application program encrypts a message of the second
email into an encrypted message using the unencrypted public key of the second user;
receiving the second email by the second user with the encrypted message as an
attachment from the first user into a third party email software application program,
wherein the third party email software application program is different from the
reader/responder software application program and the email client software
application program; and opening by the second user the attachment to execute the
reader/responder software application program operative to allow a user without the
email client software to read and respond to encrypted email created and sent from
a user having the email client software.

In one exemplary embodiment, the method further comprises: viewing by the
second user the encrypted message using the reader/responder software application
program including decoding the encrypted message using a private key for the second
user.

In another exemplary embodiment, the method further comprises: saving
information about the first user into an address book database of the second
user along with an unencrypted public key for the first user.

In yet another exemplary embodiment of the present invention, the method 
further comprises: creating a new secure email including an encrypted message by the
second user to send to at least one of the first user and any other user of the email 
client software application program to which the second user has emailed a public 
key and from which the second user has received a response email. 

In another exemplary embodiment, the email client software application
program can use at least 128-bit public/private encryption.

In another exemplary embodiment of the present invention, a data processing
system operative to distribute and initialize an encrypted electronic mail (email)
software application for exchanging secure email, can include: a license module
operative to obtain by a first user a license for an email client software application
program having public/private encryption; a request module operative to request by
the first user that a second user download a reader/responder software application
program in order to exchange encrypted email between the first user and the second
user; a download module operative to download and install the reader/responder
software application program by the second user; a send module operative to send an
email by the second user to the first user including a send key function module of the
reader/responder software application program operative to embed an unencrypted
public key; an email receiver module operative to receive the email from the second
user by the first user, wherein the unencrypted public key is embedded in the email;
a response module operative to respond by the first user by sending a second email
to the first user, wherein the reader/responder software application program includes
an encryption module operative to encrypt a message of the second email into an
encrypted message using the unencrypted public key of the second user; a receipt
module operative to receive the second email by the second user with the encrypted
message as an attachment from the first user into a third party email software
application program, wherein the third party email software application program is
different from the reader/responder software application program and the email client
software application program; and an execution module operative to open by the second
user the attachment to execute the reader/responder software application program
including a reader responder module operative to allow a user without the email client
software to read and respond to encrypted email created and sent from a user having
the email client software.

In yet another exemplary embodiment of the present invention, a data
processing system for distributing and initializing an encrypted electronic mail
(email) software application for exchanging secure email, can include: means for
obtaining by a first user a license for an email client software application program
having public/private encryption; means for requesting by the first user that a second
user download a reader/responder software application program in order to exchange
encrypted email between the first user and the second user; means for downloading
and installing the reader/responder software application program by the second user;
means for sending an email by the second user to the first user including means for
embedding an unencrypted public key by using a send key function of the
reader/responder software application program; means for receiving the email from
the second user by the first user, wherein the unencrypted public key is embedded in
the email; means for responding by the first user by sending a second email to the
first user, wherein the reader/responder software application program includes means
for encrypting a message of the second email into an encrypted message using the
unencrypted public key of the second user; means for receiving the second email by
the second user with the encrypted message as an attachment from the first user into
a third party email software application program, wherein the third party email
software application program is different from the reader/responder software
application program and the email client software application program; and means
for opening by the second user the attachment to execute the reader/responder
software application program including means for allowing a user without the email
client software to read and respond to encrypted email created and sent from a user
having the email client software.

In another exemplary embodiment of the present invention, a computer
program product embodied on a computer readable media having program logic
stored thereon, the computer program product operative to distribute and initialize an
encrypted electronic mail (email) software application for exchanging secure email,
the product including: program code means for enabling a computer to obtain by a
first user a license for an email client software application program having
public/private encryption; program code means for enabling the computer to request
by the first user that a second user download a reader/responder software application
program in order to exchange encrypted email between the first user and the second
user; program code means for enabling the computer to download and install the
reader/responder software application program by the second user; program code
means for enabling the computer to send an email by the second user to the first user
including program code means for enabling the computer to embed an unencrypted
public key by using a send key function of the reader/responder software application
program; program code means for enabling the computer to receive the email from
the second user by the first user, wherein the unencrypted public key is embedded in
the email; program code means for enabling the computer to respond by the first user
by sending a second email to the first user, wherein the reader/responder software
application program includes program code means for enabling the computer to
encrypt a message of the second email into an encrypted message using the
unencrypted public key of the second user; program code means for enabling the
computer to receive the second email by the second user with the encrypted message
as an attachment from the first user into a third party email software application
program, wherein the third party email software application program is different from
the reader/responder software application program and the email client software
application program; and program code means for enabling the computer to open by
the second user the attachment to execute the reader/responder software application
program including program code means for enabling the computer to allow a user
without the email client software to read and respond to encrypted email created and
sent from a user having the email client software.

Further features and advantages of the invention, as well as the structure and
operation of various embodiments of the invention, are described in detail below with
reference to the accompanying drawings. In the drawings, like reference numbers
generally indicate identical, functionally similar, and/or structurally similar elements.
The drawing in which an element first appears is indicated by the leftmost digits in
the corresponding reference number.

Brief Description of the Drawings

The foregoing and other features and advantages of the invention will be 
apparent from the following, more particular description of a preferred embodiment 
of the invention, as illustrated in the accompanying drawings.

FIG. 1A is a block diagram of a distributed client/server e-mail system;

FIG. 1B is a block diagram of an exemplary system depicting an e-mail
application program running on a computer hardware and operating system platform;

FIG. 2 depicts a conventional e-mail;

FIG. 3 is an example embodiment of a multi-user shared e-mail system
according to the present invention;

FIG. 4 depicts an exemplary computer system of the present invention;

FIG. 5 depicts an exemplary embodiment of a user interface of the multi-user
e-mail system of the present invention;

FIG. 6 depicts an exemplary embodiment of a personal file folder system of
the present invention;

FIG. 7 depicts an exemplary embodiment of a read receipt report according
to the present invention;

FIG. 8A depicts an exemplary setup process of a public key infrastructure
(PKI) using a public and a private key;

FIG. 8B depicts an exemplary embodiment of an improved setup process for
configuring public and private keys according to the present invention;

FIG. 8C depicts an exemplary embodiment of a source code view of an email
including an automatic embedded public key according to the present invention;

FIG. 9 depicts an exemplary embodiment of a graphical user interface
illustrating a reader-responder module of the present invention being used to send the
key from one user to another in order to enable sending encrypted e-mail;

FIG. 10 depicts an exemplary embodiment of a graphical user interface
illustrating an address book of a reader-responder module populated with users to
which an e-mail can be sent for the user of the reader-responder module;

FIG. 11 depicts an exemplary embodiment of a graphical user interface
illustrating an email creation window of an exemplary embodiment of the
reader-responder module of the present invention; and

FIG. 12 depicts an exemplary embodiment of a flow diagram illustrating how
users could use a reader-responder module according to the present invention to
exchange e-mail.

Detailed Description of the Invention 

A preferred embodiment of the invention is discussed in detail below. While 
specific implementations are discussed, it should be understood that this is done for
illustration purposes only. A person skilled in the relevant art will recognize that
other components and configurations may be used without departing from the spirit and
scope of the invention. 

Overview of the Invention

In many production, retail, healthcare, hospital, manufacturing or other 
environments, workers do not have access to a computer and e-mail, and at scheduled 
times go to a break room for a break. The present invention is directed to a system, 
method and computer program product that enables multiple users to access a single
shared computer to send, receive and store e-mail messages. The system can be used
continually in a real-time working environment.

In one embodiment of the invention, the multiple user, shared single computer 
e-mail system permits these multiple users to view the computer and through a user 
interface identify whether new e-mail has arrived for any of the users. 

In one embodiment, the users can use a touchscreen to identify themselves to
the system and the system can then require entry of a password to authenticate the
user. Alternatively, a conventional display monitor can be used for output of status 
information and a mouse or other pointing device or keyboard or other device can be 
used for input. 

In another embodiment, the system can through its user interface identify a
priority level of newly received e-mail, to prioritize which of the multiple users
should gain access to the shared computer first. In one embodiment, the priority level
can be identified by, e.g., providing a colored representation as to the urgency of the
e-mail, such as, e.g., a colored or blinking name or button, or alphanumeric or other 
indication of priority such as, e.g., a ranked list. 

In an embodiment of the invention, the user with the highest priority could 
then access the shared e-mail system first. The user with the highest priority e-mail
message can then select to open his or her e-mail. 

In one embodiment of the invention, a user can select to open the user's name 
by, e.g., using a mouse, key or highlighting a name or button with a cursor. In an 
embodiment, the user can then be prompted to provide authentication information 
such as, e.g., a password and/or company badge, to gain access to that user's personal
e-mail environment. 

In one embodiment of the invention, a user's personal e-mail environment can 
include, e.g., an inbox, an outbox, and at least one user definable file folder into 
which received messages can be stored. In an embodiment of the invention, the 
system can store messages in file folders named by sender of the message or can
permit the user to provide another name for the folder such as "personal." In one 
embodiment of the invention, the file folders can include different security features 
such as, e.g., passwords for access to the specific file folder. 

An encryption feature can be used to encrypt and decrypt the contents of
e-mail messages to prevent unauthorized access to the contents of a message. In one
embodiment, a public key can be automatically sent with an email. The public key 
can be included at the top of an email in one embodiment. Advantageously, to 
exchange public keys, two users can send emails to one another. 
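
The key exchange described above (an unencrypted public key placed at the top of an email, then saved in the receiver's address book), as an added example that is not code from the patent. Because the key arrives unauthenticated, the receiver here pins its fingerprint on first sight and flags any later change. The delimiter strings, the `AddressBook` class, the addresses and the key bytes are assumptions made for illustration.

```python
import base64
import binascii
import hashlib
from email import message_from_string, policy
from email.message import EmailMessage
from email.utils import parseaddr

# Hypothetical delimiters: the page says only that the key sits at the top of
# the email, not how it is framed.
KEY_BEGIN = "-----BEGIN EMBEDDED PUBLIC KEY-----"
KEY_END = "-----END EMBEDDED PUBLIC KEY-----"

# Constructed stand-ins for public-key bytes (not real keys).
KEY_A = bytes(range(32))
KEY_B = bytes(range(1, 33))


def build_key_email(sender, recipient, public_key, text):
    """'Send key' step: put the unencrypted public key at the top of the body."""
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = recipient
    msg["Subject"] = "Public key"
    encoded = base64.b64encode(public_key).decode("ascii")
    msg.set_content(f"{KEY_BEGIN}\n{encoded}\n{KEY_END}\n\n{text}\n")
    return msg.as_string()


def extract_key(raw_email):
    """Return (sender_address, key_bytes or None) from a received email."""
    msg = message_from_string(raw_email, policy=policy.default)
    sender = parseaddr(str(msg["From"] or ""))[1].lower()
    part = msg.get_body(preferencelist=("plain",))
    if part is None:
        return sender, None
    lines = [ln.strip() for ln in part.get_content().splitlines()]
    # The key block must be the very first thing in the body and be closed.
    if not lines or lines[0] != KEY_BEGIN or KEY_END not in lines:
        return sender, None
    try:
        blob = "".join(lines[1:lines.index(KEY_END)])
        key = base64.b64decode(blob, validate=True)
    except binascii.Error:
        return sender, None  # malformed base64: treat as no key
    return sender, (key or None)


def fingerprint(public_key):
    """SHA-256 fingerprint a user can compare out of band (phone, in person)."""
    return hashlib.sha256(public_key).hexdigest()


class AddressBook:
    """Trust-on-first-use store: one pinned key fingerprint per sender."""

    def __init__(self):
        self._pins = {}

    def observe(self, raw_email):
        sender, key = extract_key(raw_email)
        if key is None:
            return "no-key"
        seen = fingerprint(key)
        pinned = self._pins.get(sender)
        if pinned is None:
            # First sighting: nothing vouches for this key yet.
            self._pins[sender] = seen
            return "pinned-unverified"
        if pinned == seen:
            return "match"
        # A different key for a known sender: keep the old pin and do not
        # encrypt to the new key until the fingerprint has been confirmed.
        return "mismatch"

    def pinned_fingerprint(self, sender):
        return self._pins.get(sender.lower())


if __name__ == "__main__":
    book = AddressBook()
    first = build_key_email("Bob <bob@example.org>", "alice@example.com", KEY_A, "Hi")
    changed = build_key_email("Bob <bob@example.org>", "alice@example.com", KEY_B, "Hi")
    for label, raw in (("first", first), ("repeat", first), ("changed", changed)):
        print(label, "->", book.observe(raw))
    print("pinned:", book.pinned_fingerprint("bob@example.org"))
```
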

In one embodiment of the invention, a first group including a first subset of 
all users can use a first single shared computer and a second group including a second
subset of all users can use a second single shared computer. 

In another embodiment of the invention, a banner can be included onscreen 
to display advertising or other relevant information to users of the shared e-mail 
system. Advantageously, the banner can be used, e.g., to display advertising 
information which can be used, e.g., to offer the e-mail system for free or a discount
to businesses.

The shared e-mail system can include other useful features such as, e.g., a
dictionary for spellcheck, a thesaurus, a grammar checker, multiple standard replies, 
or standard reply lists (such as, e.g., an informal reply, a business or formal reply), 
address book for selecting recipients, special text viewing (e.g., permitting viewing 
HTML or text), smart names (e.g., permitting entry of letters of a name causing, e.g.,
lookup of one or more addressbook entries having those letters, a list of names, or the
addressbook interface itself by a function key combination), user selectable function
keys (e.g., permitting a user to assign particular functions to key combinations such
as, e.g., Alt-k to bring up the address book), a memo feature (i.e., enabling preparing
brief memos to oneself).

In another embodiment of the invention, a user can access the user's e-mail 
environment from the Internet's world wide web. In one embodiment, storage of the 
user's e-mail environment is mirrored to a server on the world wide web and is kept 
in synchrony. In one embodiment, a user from the web interface can send, receive, 
store in folders, move and delete messages. In one embodiment of the invention, the
e-mail system can use a version of the standard POP3 mail application modified for 
the specific features of the shared e-mail system. 

The present invention can also include human resource features. For 
example, in one embodiment of the invention, a user can clock in and clock out via 
the system to provide an automated timeclock.

Another human resource feature can permit tracking user statistics by 
capturing user data via the system including, e.g., the number of employees, the 
number of hourly employees, the number of female and male workers, hours
worked, whether someone is in or out.

Another human resource feature of the present invention includes provision
of a company wide e-mail for use in, e.g., notifying all employees of events, company 
policy and other announcements. The present invention, in one embodiment, can 
require each employee to acknowledge that they have read an e-mail (e.g., regarding 
a company policy) and the system can automatically compile a single record
regarding all employees indicating which employees opened the e-mail and which did
not. A report referred to as a read receipt report can be generated that can track which
recipients have accessed a sent file. In one embodiment, the date and time of access
can be tracked also. In one embodiment the report can be continually updated. 

The present invention provides several other features applicable to general
e-mail systems. For example, the present invention can include an e-mail system
having a function that automatically removes greater-than (">") signs that other
e-mail systems could have embedded into forwarded e-mails.

Another e-mail feature includes in the window interface that presents the
contents of an open e-mail, a graphical display indicating a hierarchy of forwarded
e-mails and attachments. Advantageously, the graphical display enables forwarding 
of only an included forwarded e-mail or attachment. 

Another embodiment of the present invention can filter e-mail obtained from 
a list of internet locations (e.g., addresses or domain names), which can be maintained
by an administrator (i.e., in one embodiment of the invention for a single user
version, the administrator can be the user). In one embodiment of the invention, the 
filter can refuse acceptance of e-mails from those designated locations by maintaining 
a so-called "no spam" list. The filter can be used to block other e-mail based on 
criteria set by the administrator, such as, e.g., limiting the size of an e-mail or 

25 attachments. In one embodiment of the invention, incoming e-mail can be queued 
and can be forwarded to the recipient e-mail user, only at a particular time (such as, 
e.g., break time, lunch time, or after hours). Advantageously, this feature can prevent 
employees from sneaking off at non-break times to check e-mail. In another 
embodiment of the invention, access to a user's e-mail box can be restricted to only 

30 particular times of the day, avoiding employee temptation to check e-mail. 
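
One way the administrator-maintained filter and timed delivery described above could be implemented, as an added example that is not the patent's or PointClear's code. The policy field names, sample addresses and messages are constructed; matching blocked domains on label boundaries and the order of the checks are assumptions.

```python
from dataclasses import dataclass, field
from datetime import datetime, time
from email import message_from_bytes
from email.utils import parseaddr


@dataclass
class InboundPolicy:
    """Administrator-maintained criteria (field names are hypothetical)."""
    blocked_addresses: set = field(default_factory=set)  # the "no spam" list
    blocked_domains: set = field(default_factory=set)
    max_bytes: int = 1_000_000      # whole message, attachments included
    windows: list = field(default_factory=list)  # (start, end) delivery times


def sender_of(raw: bytes) -> str:
    # The From header is written by the sender, so a list keyed on it stops
    # nuisance mail but is not proof of who sent the message.
    msg = message_from_bytes(raw)
    return parseaddr(str(msg.get("From", "")))[1].lower()


def domain_blocked(domain: str, blocked: set) -> bool:
    # Compare whole labels so "spam.example" also covers "mail.spam.example"
    # but never "notspam.example", which a plain endswith() would catch.
    labels = domain.split(".")
    return any(".".join(labels[i:]) in blocked for i in range(len(labels)))


def classify(policy: InboundPolicy, raw: bytes) -> str:
    addr = sender_of(raw)
    if addr in policy.blocked_addresses:
        return "reject:address"
    if domain_blocked(addr.rpartition("@")[2], policy.blocked_domains):
        return "reject:domain"
    if len(raw) > policy.max_bytes:
        return "reject:size"
    return "accept"


def in_window(policy: InboundPolicy, now: time) -> bool:
    for start, end in policy.windows:
        if start <= end:
            if start <= now < end:
                return True
        elif now >= start or now < end:  # window that wraps past midnight
            return True
    return False


class InQueue:
    """Holds accepted mail until a delivery window opens."""

    def __init__(self, policy: InboundPolicy):
        self.policy, self.held, self.rejected = policy, [], []

    def receive(self, raw: bytes) -> str:
        verdict = classify(self.policy, raw)
        if verdict == "accept":
            self.held.append(raw)
        else:
            self.rejected.append((verdict, sender_of(raw)))
        return verdict

    def release(self, now: datetime) -> list:
        if not in_window(self.policy, now.time()):
            return []
        delivered, self.held = self.held, []
        return delivered


def mail(sender: str, body: bytes = b"hello") -> bytes:
    # Constructed sample message.
    return b"From: " + sender.encode() + b"\r\nSubject: test\r\n\r\n" + body


# Constructed policy: lunch hour plus an after-hours window that wraps midnight.
POLICY = InboundPolicy(
    blocked_addresses={"promo@shop.example"},
    blocked_domains={"spam.example"},
    max_bytes=2000,
    windows=[(time(12, 0), time(13, 0)), (time(17, 0), time(7, 0))],
)


def demo():
    queue = InQueue(POLICY)
    verdicts = [queue.receive(m) for m in (
        mail("Alice <alice@corp.example>"),
        mail("promo@shop.example"),
        mail("bob@mail.spam.example"),
        mail("carol@notspam.example"),
        mail("dave@corp.example", b"x" * 5000),
    )]
    morning = queue.release(datetime(2024, 1, 8, 10, 30))  # outside any window
    lunch = queue.release(datetime(2024, 1, 8, 12, 15))    # inside lunch window
    return verdicts, len(morning), len(lunch)


if __name__ == "__main__":
    print(demo())
```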

In another embodiment of the invention, sending of a message can be delayed 
to a given time by inputting a send date and time upon creation of the e-mail. 
Advantageously, the delayed send e-mail feature can enable earlier entry of e-mail 
birthday greetings to be sent on an employee's birthday. 

In another embodiment of the invention, a feature can be provided to store 
e-mail in a folder which can default to be titled by the sender's e-mail userid (i.e., also 
commonly referred to as username, screenname, or e-mail address). The user can be 
permitted to modify the folder name such as, e.g., to replace it with the sender's 
company name, or department name, or other designation for the folder such as, e.g., 
"personal," or "confidential." 

In another embodiment of the invention, the system can automatically timeout 
and close a user's e-mail if no action has been made for a selectable period of time, 
to prevent unauthorized access to the user's e-mail environment. 

An Exemplary Embodiment of the Invention 

FIG. 1A illustrates a block diagram of e-mail system environment 100 
including an exemplary distributed client/server computer e-mail system. E-mail 
system environment 100 includes a sending user 102. Sending user 102 sends an 
e-mail message to a receiving user 104. Sending user 102 creates the e-mail on a client 
computer 106. Client computer 106 transmits the e-mail from sending user 102 to 
receiving user 104 on a client computer 110. An e-mail message may be created via 
mail client 116 of client computer 106 and may be sent via interaction with a mail 
server 118 on a server 112 over a communications network 114. An e-mail 200, 
described further below with reference to FIG. 2, in being sent from its source, i.e., 
sending user 102, can travel over communications network 114, and can pass through 
other computers (i.e., not shown) en route to its final destination, client computer 110 
for receipt by receiving user 104. In one embodiment of the invention, 
communications network 114 includes an intranet. In another embodiment, 
communications network 114 includes the global Internet. It would be apparent to 
a person having ordinary skill in the art that the features of the present invention can 
be used in alternative e-mail system environments and architectures. 

FIG. 1B depicts an exemplary computer environment 120 for client computer 
106. It would be apparent to a person having skill in the art that environment 120 
could also depict client computer 110 and server 112. Environment 120 includes 
hardware 122, operating system 124 and application programs 126, 128 and 130. 
Operating system 124 provides a uniform interface of application programming 
interfaces (APIs) to applications 126, 128 and 130 for access to hardware 122. An 
exemplary application 126 is an e-mail application program, mail program 132. Mail 
program 132 is an example of mail client 116 and mail server 118. Alternatively, a 
mail program 134 can be included as part of operating system 124 to provide e-mail 
functionality to applications 126, 128 and 130. 

Referring back to FIG. 1A, mail client 116 can include an authentication 
input module which can accept a password from user 102 to validate that user 102 is 
authorized to access the e-mail account of user 102. Authentication input module 108 
can interact with an authentication server module 136 of mail server 118 to determine 
whether user 102 is authorized to access the personal e-mail box of user 102. After 
authenticating user 102, authentication server module 136 can provide user 102 
access via a storage module 138 to the mailbox of user 102 of e-mail storage 140. 

FIG. 2 illustrates an example of a conventional e-mail 200. E-mail 200 
includes various data components. Example data components included in e-mail 200 
are creation information 202, a body 204, address information 206, and a subject 208. 

In an example embodiment, creation information 202 can include, e.g., the 
date and time e-mail 200 was sent from sending user 102 to receiving user 104. The 
body 204 of e-mail 200 can include, e.g., a text portion 210 and embedded objects 
212. Embedded objects 212 can include, e.g., attachments 214. Other embedded 
objects 216 can include, e.g., bit map images, graphics objects, executable programs, 
compressed text and applets. Embedded objects 216 can also include a forwarded 
e-mail 200. Address information 206 can include the e-mail address of sending user 
102 and receiving user 104 of e-mail 200. Attachments 214 can also include other 
embedded objects 212. Subject 208 can include a brief description of the contents 
of e-mail 200. It would be apparent to persons skilled in the art that e-mail 200 can 
include a subset of the listed components. 

FIG. 3 illustrates an example embodiment of an implementation of the 
present invention, including e-mail system 300. E-mail system 300 can include a 
computer 302 in communication with users 304, 306 and 308. Computer 302 
includes a multi-user mail system 310. In a preferred embodiment, multi-user mail 
system 310 is a Point Clear e-mail system available from Point Clear.net, Inc., a 
wholly owned subsidiary of XANTE Corporation of Mobile, Alabama, U.S.A. 
E-mail system 310 can include, in one embodiment, a prioritization module 312, an 
authentication module 314, a storage module 316, an e-mail storage module 318, an 
in queue 326 and an out queue 328. 

Since multi-user mail system 310 runs on a single computer 302, only one of 
users 304, 306 and 308 can access computer 302 at one time. Access to computer 
302 can be prioritized using prioritization module 312. Prioritization module 312 can 
indicate which of users 304, 306 and 308 should have priority to access computer 302 
and multi-user mail system 310. In one embodiment, the urgency of e-mail messages 
can be indicated as a form of priority. For example, e-mails from a particular e-mail 
address could trigger a higher priority, such as, e.g., an e-mail from the CEO of a 
company. Other indications of priority could include receipt of an e-mail message, 
versus having no new messages. Informally, a supervisor could have a higher priority 
than a line worker who, in turn, could have higher priority than a part-time worker. 

If the highest priority user is user 304 then user 304 can proceed to 
authenticate using authentication module 314 by, e.g., entering a password, to access 
a storage environment 320. Assuming the proper authentication information is 
provided, then storage module 316 can provide user 304 access to storage 
environment 320 of e-mail storage 318 via storage module 316. 

When user 304 sends an e-mail to another user, the e-mail can be routed via 
an out queue 328 to its final destination. 

When user 304 receives an e-mail message from another user, the e-mail can 
be queued at in queue 326. 

In one embodiment, in queue 326 and out queue 324 can be used to delay 
sending or receipt and for filtering operations. 

The present invention enables status of multiple users' e-mail accounts to be 
monitored and accessed from a single computer where each user is identified on a 
name screen. See FIG. 5 below depicting diagram 500 of an exemplary embodiment 
of a multi-user interface of the present invention. The exemplary embodiment of 
FIG. 5 depicts a graphical user interface (GUI) application, applet, or browser 
interface to the multi-user email system of the present invention. An exemplary 
implementation embodiment of the multi-user email system of the present invention 
is the PointClear™ system available from PointClear.net, Inc., a wholly owned 
subsidiary of XANTE Corporation of Mobile, Alabama, U.S.A. 

In one embodiment, the single shared computer multiple e-mail system 
supports greater than 7 users and up to 64 users on the single computer. In another 
exemplary embodiment, 4 columns of 16 users can be displayed using the multi-user 
interface of the multi-user email system of the present invention as shown in diagram 
500. 

In one embodiment, a system administration tool can be used to configure 
each e-mail account at a company. 

In one embodiment, the name screen is the default screen for the multiple 
e-mail account system listing e-mail accounts by user name associated with the 
computer. 

In one embodiment, a time clock feature is included providing an electronic 
time clock. For example, a system administrator can identify time clock employees, 
in one embodiment, and can set up specific features that need to be logged such as, 
e.g., log-in, log-out, overtime, human resource reporting and supervisor warnings. 

In another embodiment, if an e-mail environment window is left open and is 
idle for a specified time then the individual's e-mail window logs out of the system. 
Log out can be based on, e.g., passage of a time duration or other criteria. This 
feature prevents unauthorized access to an account by public viewing after a user 
leaves the system computer without logging out. 

In one embodiment, the system of the present invention can be provided for 
a discount such as, e.g., free, if users are willing to watch advertising. Free 
evaluation use could also be provided. With a free evaluation use, a date is identified 
after which use is disabled. After completion of particular criteria, access can be 
re-enabled preserving all file folders. In one embodiment, an advertising banner can be 
included and can be placed in a fixed location. Advertising, in one embodiment, can 
be provided from 

In another embodiment, an address book importer can be provided to import 
address listings from other application programs. 

In one embodiment of the invention, attachments of all types can be 
accessible for adding to an e-mail, saving from an e-mail, deleting from an e-mail, 
executing from the e-mail, and forwarding as an e-mail. An e-mail can also be 
forwarded as an attachment. Where an e-mail has several attachments, a user can 
select from multiple attachments by highlighting selected attachments for forwarding 
and the selected attachments only can be forwarded, in one embodiment. 

In one embodiment, a spam eliminator can maintain a dynamic list of e-mail 
addresses that can be identified as sources from which e-mail is not accepted. The 
spam eliminator is a filter which can be based on e-mail address, domain name, or 
other identifier. 

In one embodiment, online help can be provided. 

In another embodiment, the address book can include groups of e-mail users. 

In another embodiment, e-mail folder security can be provided restricting 
access to stored folders to only users entering authentication criteria such as, e.g., a 
password associated with that folder. 

In another embodiment a spell checking feature can be provided. 

In another embodiment, messages can be marked as urgent (also referred to 
as hot, or hot mail), or can be identified as a priority level by inclusion in their body 
or otherwise of identifying priority information. In one embodiment, receipt of an 
urgent e-mail can initiate an urgency signal such as, e.g., a visual, graphical, or audio 
indication. Diagram 500 of FIG. 5, for example, depicts new mail via an envelope 
icon 512, 508. Urgency of the emails awaiting review by the multiple users can be 
indicated by, e.g., color coding such as, e.g., red 506 for the highest urgency, yellow 
510 for intermediate urgency and white 502 for the lowest priority. Alternatively, 
other colors can be used. Alternatively an audio, visual, iconic, numeric, 
alphanumeric, or other indication of priority can be provided. Also, a higher priority can 
trigger, e.g., an audio alarm, or a wireless alert or page. No new mail 504 can be 
indicated on the multi-user interface as well. 

In another embodiment of the present invention, inclusion of specific words 
or phrases in an e-mail, or subject portion, for example, can be recognized by 
consulting a library of words and phrases, and prior to receiving the e-mail containing 
the words or phrases, the e-mail can be rejected. An automatic response can be 
initiated to the sender of the message indicating what has happened, or even warning 
the sender of consequences of sending such e-mail. 

In another embodiment of the invention, delayed message delivery can permit 
identification of a delivery date and time for delivery of the e-mail message. 

In another embodiment of the present invention, an e-mail account can be set 
up to auto forward any received e-mails to another e-mail address. In another, an 
autoreceipt feature can be enabled by a sender of an e-mail to verify that a receiver 
has, e.g., accessed, received, or opened e-mail. In an exemplary embodiment, a read 
receipt report can be displayed such as, e.g., the read receipt report shown in FIG. 
7, which is described further below. 

In another embodiment of the present invention, an encryption feature can 
enable entry of a personal encryption key between sender and receiver to control 
access to an e-mail. Multiple algorithms can be supported for encryption. 
Advantageously, in one embodiment, as new algorithms are developed, legacy 
algorithms can continue to be supported. Users of earlier revisions of the e-mail 
system set up with a first algorithm can continue to use the first algorithm even when 
the program defaults to, e.g., a tenth algorithm. In one exemplary embodiment, a 
user's public key can be automatically generated by the present invention. In one 
embodiment, a public key can be automatically embedded in an email message that 
is being sent. The reader is referred to FIGs. 8A, 8B, and 8C for examples of a 
conventional public key infrastructure, exchange of public keys according to the 
present invention, and an email indicating a public key embedded at the top of the 
email shown when viewing the source code according to the present invention, 
respectively. Advantageously a user need not go through a complicated set up 
process as is conventionally required. 

In an embodiment of the invention, when composing an e-mail and filling in 
the destination address field, for example, a list of names can be parsed as potential 
e-mail recipients based on the keys depressed by the sender of the e-mail. The more 
characters that are typed, in one embodiment, the narrower the selection of names. 
Pressing a key combination can list all possible candidates for the keys pressed, from 
which the user can select. 

In an embodiment of the invention, a key or key combination can be defined 
by a user to perform tasks. Using this feature, a user can set desired actions for, e.g., 
function keys, and alternate and control key combinations. 

In an embodiment of the invention, a user can insert a voicemail into an 
e-mail while composing the e-mail. 

In an embodiment of the invention, a user can insert an audio/video recording 
into an e-mail. 

In an embodiment of the invention, personal reminder memos can be created 
in the e-mail user environment. 

In another embodiment, when an e-mail is received, the sender of the e-mail, 
automatically, or through prompting, can be added to the address book. In another 
embodiment, the carbon copy list can similarly be added to the address book. 

In another embodiment of the invention, where an e-mail includes inserted 
greater than signs (">"), a feature can be included that deletes any greater than 
symbols from the beginning of a string. This character is often added by an e-mail 
system when forwarding an e-mail message. The ">" is a default character in many 
e-mail systems, but can be eliminated or changed to another character in some 
systems. Thus, in another embodiment, the character to be removed can be 
designated. 

FIG. 6 depicts a user interface illustrating an exemplary embodiment of a 
personal filing system 600 of the present invention. The personal filing system 600 
can include a user's e-mail environment including a file cabinet 602. The file cabinet 
602 is a folder identified as a location to create personal nested sub-folders into which 
a user can organize incoming and outgoing e-mail. The user, in one embodiment, can 
set the properties for sending and receiving e-mail related to the file cabinet. For 
example, all e-mails sent by a sending user can be automatically stored in a personal 
folder in the sending user's personal file cabinet 600. In an exemplary embodiment, 
the email is stored in a file folder named by the recipient's e-mail address or user name. 
In an exemplary embodiment, a read receipts continually updateable file can be 
stored in an assigned folder. A user can also modify the folder into which the e-mail 
can be stored upon sending. Similarly, for an email received from a sender at a 
recipient, the e-mail can be stored automatically into an assigned folder such as, e.g., 
a folder that can be set by the sending user's e-mail address or user name. In an 
exemplary embodiment, upon receiving an email, a recipient by selection of a single 
button can cause the email to be automatically stored in the assigned personal folder. 

In an embodiment of the invention, a user's e-mail configuration can be 
mirrored on a server that can be accessible from a web browser, or a remote version 
of the mail system. This interface can give a user access to the user's address book 
and all the user's folders as if the user were sitting in front of the multi-user shared 
e-mail system computer. The user that is sending and receiving e-mail can also be 
viewed, by the recipients of the e-mail, as being at the recipient's desks. 

The present invention is computer platform independent. Client computer 
106 in a preferred embodiment is a personal computer (PC) system running an 
operating system such as Windows, Mac/OS, or a version of UNIX. However, the 
invention is not limited to these platforms. Instead, the invention can be implemented 
on any appropriate computer system running any appropriate operating system, such 
as, for example, Solaris, Irix, Linux, HPUX, OSF, Windows, Windows NT, OS/2, 
Mac/OS. In one embodiment, the present invention is implemented on a computer 
system operating as discussed herein. In another embodiment, the present invention 
can be implemented on hardware such as a handheld device, such as, e.g., a two-way 
pager, a cellular phone, a digital phone, a watch, a wireless device, a laptop, notebook 
or sub-notebook computer, and other computer type device such as, e.g., a 
micro-computer, a mini-computer and a mainframe computer. 

FIG. 4 depicts an exemplary client computer 106 computer system. Other 
components of the invention, such as client computer 110, computer 302, and/or 
server computer 112, could also be implemented using a computer such as that shown 
in FIG. 4. 

The computer system 106 can include one or more processors, such as 
processor 402. The processor 402 can be coupled to a communication bus 404. 

Client computer 106 can also include a main memory 406, preferably random 
access memory (RAM), and a secondary memory 408. The secondary memory 408 
can include, for example, a hard disk drive 410 and/or a removable storage device 
412, representing a floppy diskette drive, a magnetic tape drive, a compact disk drive, 
etc. The removable storage device 412 can read from and/or write to a removable 
storage unit 414 in a well known manner. 

Removable storage unit 414, which can also be referred to as a program storage 
device or a computer program product, represents a floppy disk, magnetic tape, 
compact disk, etc. The removable storage unit 414 can include a computer usable 
storage medium having stored therein computer software and/or data, such as an 
object's methods and data. 

Client computer 106 can also include an input device such as, e.g., a mouse 
416 or other pointing device such as a digitizer, and a keyboard 418 or other data 
entry device. Client computer 106 can also include an output device such as display 
418, which in one embodiment can be a touch enabled monitor. Client computer 106 
can also include, e.g., a network interface card 422 and/or a modem 424 which can 
be used to access network 114. 

Computer programs (also called computer control logic), including object 
oriented computer programs, can be stored in main memory 416 and/or the secondary 
memory 418 and/or removable storage units 414, also called computer program 
products. Such computer programs, when executed, enable the computer system 106 
to perform the features of the present invention as discussed herein. In particular, the 
computer programs, when executed, enable the processor 402 to perform the features 
of the present invention. Accordingly, such computer programs represent controllers 
of the computer system 106. 

In another embodiment, the invention can be directed to a computer program 
product comprising a computer readable medium having control logic (computer 
software) stored therein. The control logic, when executed by the processor 402, can 
cause the processor 402 to perform the functions of the invention as described herein. 

In yet another embodiment, the invention can be implemented primarily in 
hardware using, for example, one or more state machines. Implementation of these 
state machines so as to perform the functions described herein will be apparent to 
persons skilled in the relevant arts. 

FIG. 5 depicts an exemplary embodiment of multi-user graphical user 
interface (GUI) 500 including an indication of status of a plurality of different user 
email accounts. The GUI illustrated is a personal computer based software 
application program. The GUI could just as easily have been a workstation application, 
a UNIX application, a JAVA applet, or an Internet or world wide web ("WWW" or 
web) browser based homepage, or applet GUI. In an exemplary embodiment, an 
indication of priority can be included. For example, a prioritization indication can 
be provided to indicate which email account should have priority. In one 
embodiment, a visual indication can be used. In another, an audio indication can be 
provided. In one embodiment, a color scheme can be used, as shown, including white 
record 502, 504, with lowest priority. An icon 508, 512, or no icon 504 can be used 
to indicate whether new mail has been received for one of the multi-user accounts. 
To provide prioritization, a yellow colored indication 510, 512 can stress a medium 
priority message. In the exemplary embodiment, a higher priority message 506, 508 
can be stressed by coloring them red. A low priority message can be colored white. 
Selection of a user account by touching a touch screen, or selecting with a mouse or 
other input device such as, e.g., a keyboard, remote control, or cursor keys, can cause 
the email account environment to be opened, assuming the user can provide 
authentication such as, e.g., a password, a biometric, or other identification 
information. 

FIG. 6 depicts an exemplary embodiment of a personal file system 600. 
Personal file system 600 can include a plurality of personal folders 602-640 for 
storing sent and received emails. FIG. 6 depicts a user interface illustrating an 
exemplary embodiment of a personal filing system 600 of the present invention. The 
personal filing system 600 can include a user's e-mail environment including a file 
cabinet 602. The file cabinet 602 is a folder identified as a location to create personal 
nested sub-folders into which a user can organize incoming and outgoing e-mail. The 
user, in one embodiment, can set the properties for sending and receiving e-mail 
related to the file cabinet. For example, all e-mails sent by a sending user can be 
automatically stored in a personal folder in the sending user's personal file cabinet 
600. In an exemplary embodiment, the email is stored in a file folder named by the 
recipient's e-mail address or user name. In an exemplary embodiment, a read receipts 
continually updateable file can be stored in an assigned folder. A user can also 
modify the folder into which the e-mail can be stored upon sending. Similarly, for 
an email received from a sender at a recipient, the e-mail can be stored automatically 
into an assigned folder such as, e.g., a folder that can be set by the sending user's 
e-mail address or user name. In an exemplary embodiment, upon receiving an email, 
a recipient by selection of a single button can cause the email to be automatically 
stored in the assigned personal folder. 

FIG. 7 depicts an exemplary embodiment of an assigned read receipt folder's 
read receipt report 700. Read receipt report 700 can include names 706, and email 
addresses 708 of recipients of the email. Upon access of the email by recipients, the 
read receipt report 700 can be automatically updated to include, e.g., a date and time 
712 of the access, and type of access 710. The read receipt report 700 can provide 
various types of information in a record 702. If the email has not been accessed yet, 
then a blank record 704 can be provided. 

FIG. 8A depicts a conventional public key infrastructure (PKI) 800 indicating 
an exemplary configuration of a user 1 802 in communication with a public/private 
key provider 804. Public/Private key 804 can provide information from user 2 806 
to provide communication between users 802, 806. 

A conventional process 800 as shown in FIG. 8A can begin with step 808. 

In step 808, User 1 802 sets up an account with an encryption 
public/private key provider 804. From step 808, process 800 can continue with 
step 810. 

In step 810, User 2 806 sets up an account with the encryption 
public/private key provider 804. Suppose User 1 802 desires to send an encrypted 
message to User 2 806. From step 810, process 800 continues with step 812. 

In step 812, User 1 802 must learn the public key of User 2 806 by 
communicating with the public/private key provider 804, must search for User 2 
806, and must add the key information to the email address book of User 1 802 
relating to User 2 806. 

Suppose User 2 806 also desires to send an encrypted message to User 1 
802. Process 800 continues with step 814. 

In step 814, User 2 806 also must learn the public key of User 1 802 by 
communicating with the public/private key provider 804, must search for User 1 
802 and must add the key information to the email address book of User 2 806, 
relating to User 1 802. From step 814, process 800 can continue with step 816. 

In step 816, User 1 802 and User 2 806 can finally send encrypted 
messages to each other. 

An example of a conventional system implementing the system of FIG. 8A 
is that of Microsoft Outlook Express, available from Microsoft Corporation of 
Redmond, Washington, U.S.A. Such conventional systems are cumbersome to 
operate and require extensive user customization as already detailed, unlike the 
present invention. For example, the Microsoft Outlook Express Help Index 
describes a difficult process by which the public/private key encryption features 
can be set up in Outlook. The following excerpt is demonstrative of the difficulty 
of such conventional solutions as shown in FIG. 8A: 

Sending secure messages 

As more people send confidential information by e-mail, it is 
increasingly important to be sure that documents sent in e-mail are not 
forged, and to be certain that messages you send cannot be intercepted 
and read by anyone other than your intended recipient. 

By using "digital IDs" with Outlook Express, you can prove 
your identity in electronic transactions in a way similar to showing 
your driver's license when you cash a check. You can also use your 
digital ID to encrypt messages, keeping them private. Digital IDs 
incorporate the S/MIME specification for secure electronic mail. 






WO 02/077773 



PCT/US02/09315 



How do digital IDs work? 

A digital ID is composed of a "public key," a "private key," 
and a "digital signature." When you digitally sign your messages, you 
are adding your digital signature and public key to the message. The 
combination of a digital signature and public key is called a 
"certificate." 

Recipients can use your digital signature to verify your 
identity and use your public key to send you encrypted mail that only 
you can read by using your private key. In order to send encrypted 
messages, your address book must contain digital IDs for the 
recipients. That way, you can use their public keys to encrypt the 
messages. When a recipient gets an encrypted message, their private 
key is used to decrypt the message for reading. 

Before you can start sending digitally signed messages, you 
must obtain a digital ID and set up your mail account to use it. If you 
are sending encrypted messages, your address book must contain a 
digital ID for each recipient. 

Where do you get digital IDs? 

Digital IDs are issued by independent certification authorities. 
When you apply for a digital ID at a certification authority's Web site, 
they verify your identity before issuing an ID. There are different 
classes of digital IDs, each certifying to a different level of 
trustworthiness. For more information, use the Help at the 
certification authority's Web site. 

In order to obtain someone else's digital ID, you can request 
they send you digitally signed mail, or you can search the digital ID 
database on a certification authority's Web site. You can also search 
Internet directory services that list digital IDs along with other 
properties. 

How do you verify a digital signature? 

With "revocation checking," you can verify the validity of a 
digitally signed message. When you make such a check, Outlook 
Express requests information on the digital ID from the appropriate 
certification authority. The certification authority sends back 
information on the status of the digital ID, including whether the ID 
has been revoked. Certification authorities keep track of certificates 
that have been revoked due to loss or termination. 

FIG. 8B depicts an exemplary embodiment of an improved configuration 
method that configures a secure public/private key configuration method 818. User 
1 802 can send in step 824 a message to user 2 822. In step 826, user 2 822 can send 
an email to user 1 820. Since, according to the present invention, a user 820, 822 can 
automatically have a public key be embedded in the email, the exchange shown can
automatically provide public keys to the recipients of the messages. 

Using the present invention, two users interested in exchanging public keys 
can perform the following steps: 
1. Both sender and receiver can be using PointClear on their respective
systems or computers;

2. User1 802 can send a message to User2 822; and

3. User2 822 can send a message to User1 802.

In an exemplary implementation embodiment, the above listed steps can be 
performed using the PointClear e-mail program of PointClear.net, Inc., a wholly-owned
subsidiary of XANTE Corporation of Mobile, Alabama, U.S.A.

FIG. 8C shows an exemplary embodiment of a view 828 of an email which 
can illustrate a public key that has been embedded for ease of providing the public 
key of one user to another user, for use in communicating via, e.g., an encrypted 
communication, according to the present invention. The view 828 is shown in a view
revealing the source code of the email. 

Overview of Reader-Responder 

Referring briefly to FIG. 3, in an exemplary embodiment of the present
invention, a user 304-308 of a first email system may wish to exchange e-mail
with a user 102 of a second email system, where user 102 is not on the first email
system of user 304-308. If the first email system provides certain proprietary
features, such as, e.g., encryption, receipt notification, etc., then conventionally the
recipient user 102 on the second email system may not be able to access the email
created by the sending user 304-308 of the first email system. Also,
conventionally, users 102 and users 304-308 may not be able to take advantage of
the proprietary features of the first email system when user 102 is not running on
the first email system.

In an exemplary embodiment of the present invention, a reader-responder
module can be used by the user 102 of the second email system, in order to allow
the user 102 to read and respond to an email sent from user 304-308 of the first
email system, taking advantage of the proprietary features of the first email
system.

In an exemplary implementation embodiment, the reader-responder 
module can be a POINTCLEAR reader-responder available from Pointclear.net, 
Inc., a wholly owned subsidiary of the XANTE CORPORATION of Mobile, 
Alabama, U.S.A.

In an exemplary embodiment, the user 304-308 can send a copy of the reader-
responder module to the user 102. In one exemplary embodiment, the user 304-308
can send the key of the user 304-308 along with the reader-responder module to the
user 102. The user 102 can then install the reader-responder module on the
workstation of user 102. The user 102 can send the key of user 102 as illustrated in
FIG. 9 to the user 304-308 to enable the user 304-308 to send an email taking 
advantage of the proprietary functions. 

Alternatively, the user 102 can download the reader-responder module, e.g., 
from a network or other computer system. Subsequently, the user 304-308 can send 
the key of user 304-308 to the user 102. User 102 can then send the key of the user
102 to user 304-308 as illustrated in FIG. 9, below. 

FIG. 9 depicts an exemplary embodiment of a graphical user interface 900 
illustrating set-up of a reader-responder module of the present invention. 
Specifically, the reader-responder module can be used to send a key from user 102 
to the user 304-308 in order to enable the user 304-308 to send an e-mail taking
advantage of proprietary features of a first e-mail system (i.e., the email system of 
user 304-308), to the user 102 who is not on the first email system. 

The reader is again referred to FIG. 8C which can now be used to illustrate an 
exemplary embodiment of a view 828 of an email in which a public key has been 
embedded for ease of providing the public key of the user 102 to the user 304-306 of
the first email system, for use in communicating via, e.g., an encrypted
communication, according to the present invention. The view 828, as illustrated, is
shown in a view revealing the source code of the email. It will be apparent to those
skilled in the art that alternative views of the e-mail can be provided, and can also be
provided as a default view.

Once the reader-responder module is set up, then the user 102 can receive
e-mail from users 304-308 of the first email system that take advantage of proprietary
features of the first email system. If user 102 wishes to respond to user 304-308 then
the user 102 can use the reader-responder module to create an e-mail as shown in 
FIG. 11. 

In an exemplary embodiment, if the user 102 desires to send a carbon-copy 
to other users 304-308, then the user 102 can look them up in an address book as
illustrated in FIG. 10, as described further below with reference to FIG. 10. If the 
other users 304-308 are not listed in the address book, the users 304-308 can be added 
to the address book. In an exemplary embodiment, the user 102 can have the users 
304-308 send the user 102 an email providing user 102 the keys of other users 304- 
308, to support encryption. 

In an exemplary embodiment, if user 102 desires to send an email to a user 
104 who is not on the first email system of users 304-308, then the user 102 will not 
be permitted to do so without first obtaining a license to the full featured version of 
the first email system. Once user 102 becomes a licensed user of the first e-mail 
system, then the user 102 can be permitted to send a copy of the reader-responder 
module to other users 104 which are not licensed users of the first email system. 
Advantageously, the ability to send a copy of a reader-responder module to non- 
licensed users can be an effective viral marketing approach to create interest in and 
to encourage licensure of the full-featured version of the first email system. 

FIG. 10 depicts an exemplary embodiment of a graphical user 
interface 1000 illustrating an address book of an exemplary reader-responder module 
of the present invention. Specifically, the address book can be populated with users 
304-308 to which an e-mail can be sent for the user 102 of the reader-responder 
module, which is not on the first email system of users 304-308. 

The user 102, although licensed to use the reader-responder module, is not a
licensed user of the first email system of users 304-308. Initially (assuming the user
102 has already received and installed a copy of the reader-responder module on the
workstation of user 102, and has received the key of user 304-308), the only
recipient listed in the address book of user 102, to which user 102 can send an email
using the reader-responder software, is the user 304-306 who has sent user 102 the
key of user 304-308. If other users 304-308 send the keys of the other users 304-308
to the user 102, then the names of the other users 304-308 can also appear on the
recipients list of the address book of user 102.

It is important to note, however, that in the exemplary embodiment, the user 
102 cannot send emails using the reader-responder module to users 104 which are
not users of the first email system of user 304-308. Thus, the user 102 will not be
able to add users 104 to the address book of user 102 if the users 104 are not licensed 
users of the first e-mail system of user 304-308. 

If the user 102 becomes a licensed user of the first e-mail system of user 304-
308, e.g., by paying a transaction fee, then the user 102 has in fact become a user 304-
308 and will then be able to send email to any other user 304-308 and can also send
copies of the reader-responder module to other users 104 which are not users of the 
first email system of user 304-308. 

FIG. 11 depicts an exemplary embodiment of a graphical user interface
illustrating an email creation window of an exemplary embodiment of the reader-
responder module of the present invention. As shown, the email creation window of
the exemplary embodiment can include various icons such as, e.g., a send icon that
can be used to send the email; a print icon that can be used to print the email;
cut/copy/paste icons that can be used as conventionally known to cut, copy or paste
data from or into the email; a cut ">" icon that can be used to eliminate embedded
indentation characters; an attach file icon that can be used to add an attachment to the
email; a recipients icon that can be used to open the reader address book as described
above with reference to FIG. 10; a spell check icon that can be used to spell check the
e-mail message contents; a priority icon that can be used to identify the priority of the
email; and a send key icon that can be used to embed a sending user's key to the
email for sending along to the receiving user. Other conventional fields such as
addressee, subject and body fields can be provided as well as other functions in pull- 
down menus and other useful functionality as will be apparent to those skilled in the 
relevant art. 

FIG. 12 depicts an exemplary embodiment of a flow diagram 1200 illustrating 
how users could use a reader-responder module according to the present invention to
exchange e-mail. 

Flow diagram 1200 of FIG. 12 can begin with step 1202 and can continue
immediately with step 1204.

In step 1204, in an exemplary embodiment, user 304 can license an e-mail
client application having proprietary features. In an exemplary embodiment, the
e-mail client application can include a proprietary encryption feature. However, it is
important to note that alternative proprietary features could be provided according
to the technique of the present invention. In an exemplary implementation
embodiment, the e-mail client application can be PointClear Client Software,
available from PointClear Communications, at PointClear.net of Mobile,
Alabama, U.S.A., including a 128 bit Public/Private Key Encryption System.

From step 1204, flow diagram 1200 can continue with step 1206.

In step 1206, in an exemplary embodiment, user 304 can desire to 
exchange email with user 102, who is on a different email system. Specifically, in
an exemplary embodiment, user 304 can desire to exchange encrypted e-mail with 
the user 102. From step 1206, flow diagram 1200 can continue with step 1208. 

In step 1208, in an exemplary embodiment, user 102 can have a different
e-mail software system than user 304. For example, if user 304 uses an e-mail
software application system available from PointClear.net, and user 102 instead
uses an e-mail software application system available from, e.g., Microsoft, Novell,
Lotus, or any other software developer, then only a subset of features of the
PointClear.net e-mail software application system might be available to the users.
For example, perhaps only text-based email would be supported, because of lack 
of support for certain proprietary features. From step 1208, flow diagram 1200 
can continue with step 1210. 

In step 1210, in an exemplary embodiment, user 304 can request that user
102 download reader/responder module application software. For example, the
software can be PointClear Reader/Responder Module application software from
www.pointclear.net/reader. In an exemplary embodiment, the software download
can be free of charge. Product features of the PointClear Reader/Responder
Module application software can provide a subset of a full-featured licensed
version of a PointClear Client Application Software. From step 1210, flow
diagram 1200 can continue with step 1212.

In step 1212, in an exemplary embodiment, user 102 can download and
install reader/responder module application e-mail software or system. From step
1212, flow diagram 1200 can continue with step 1214.

WO 02/077773    PCT/US02/09315

In step 1214, in an exemplary embodiment, user 102 can use a "send key" 
program that can be included, e.g., as a function of the reader/responder module 
application. In an exemplary embodiment, the send key function can be used to
automatically send an unencrypted public key to user 304. From step 1214, flow 
diagram 1200 can continue with step 1216. 

In step 1216, in an exemplary embodiment, user 304 can receive an email 
from user 102 with an embedded public key and can respond as the 
reader/responder can automatically encrypt the e-mail message using the public
key of user 102. From step 1216, flow diagram 1200 can continue with step 1218. 

In step 1218, in an exemplary embodiment, user 102 can receive a message 
from user 304 into the email software of user 102 (i.e., Microsoft, Lotus, Novell, 
etc.). In an exemplary embodiment, the email can include a file named 
encryptedmessage.xmf. From step 1218, flow diagram 1200 can continue with
step 1220. 

In step 1220, in an exemplary embodiment, user 102 can open the file that
can automatically execute the reader/responder module application. The
reader/responder module application according to an exemplary embodiment of
the present invention can view an encrypted message using a private key of User
102 to decrypt the email message. From step 1220, flow diagram 1200 can
continue with step 1222.

In step 1222, in an exemplary embodiment, the reader/responder module
application can automatically save user 304 into an address book database along
with a public key of user 304. From step 1222, flow diagram 1200 can continue
with step 1224.

In step 1224, in an exemplary embodiment, user 102 can then respond to
the message. In an exemplary embodiment, user 102 can alternatively create a
new secure encrypted e-mail message that can be sent to user 304 or any other
licensed user of the email software client application to which user 102 has
already sent a key, and from which user 102 has already received a response. From
step 1224, flow diagram 1200 can continue immediately with step 1226, where
flow diagram 1200 can end.
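
The address-book behaviour of steps 1214 through 1224, as an added example that is not PointClear code and not part of the original text: because the key travels unencrypted and unauthenticated inside an ordinary e-mail, this code pins the first key seen for each sender and refuses a silent replacement. The header name `X-Embedded-Public-Key`, the addresses and the key bytes are assumptions constructed for illustration.

```python
import base64
import hashlib
from email import message_from_string
from email.utils import parseaddr

# Hypothetical header name: the page shows a key embedded in the e-mail
# source (FIG. 8C) but gives neither the field name nor the encoding.
KEY_HEADER = "X-Embedded-Public-Key"
# Constructed placeholder key material, not real keys.
KEY_A = b"constructed-public-key-A"
KEY_B = b"constructed-public-key-B"


class KeyChanged(Exception):
    """A known sender presented a key that differs from the pinned one."""


def fingerprint(key_bytes):
    """Short SHA-256 fingerprint that two users can compare out of band."""
    digest = hashlib.sha256(key_bytes).hexdigest()[:32]
    return ":".join(digest[i:i + 4] for i in range(0, 32, 4))


class AddressBook:
    """Address book of the reader/responder user (user 102 in the text)."""

    def __init__(self):
        self.keys = {}            # sender address -> pinned public key bytes
        self.key_sent_to = set()  # addresses that were sent our own key

    def record_key_sent(self, address):
        """Step 1214: our unencrypted public key was mailed to address."""
        self.key_sent_to.add(address.lower())

    def ingest(self, raw_email):
        """Step 1222: save sender and embedded key, pinning the first key seen.

        Returns "new", "known" or None (no usable key). A different key for a
        known sender raises KeyChanged rather than overwriting the entry.
        """
        msg = message_from_string(raw_email)
        sender = parseaddr(msg.get("From", ""))[1].lower()
        encoded = msg.get(KEY_HEADER)
        if not sender or not encoded:
            return None
        try:  # folded headers contain whitespace, so drop it before decoding
            key = base64.b64decode("".join(encoded.split()), validate=True)
        except ValueError:
            key = b""
        if not key:
            return None
        pinned = self.keys.get(sender)
        if pinned is None:
            self.keys[sender] = key
            return "new"
        if pinned == key:
            return "known"
        raise KeyChanged(f"{sender}: {fingerprint(pinned)} -> {fingerprint(key)}")

    def can_send(self, address):
        """Step 1224: our key went to this user and a keyed reply came back."""
        address = address.lower()
        return address in self.key_sent_to and address in self.keys


def sample_email(sender, key_bytes):
    """Build a constructed sample message (not taken from the page)."""
    return (
        f"From: {sender}\n"
        f"{KEY_HEADER}: {base64.b64encode(key_bytes).decode('ascii')}\n"
        "\n"
        "See attachment encryptedmessage.xmf\n"
    )


if __name__ == "__main__":
    book = AddressBook()
    book.record_key_sent("user304@example.com")
    print(book.ingest(sample_email("User 304 <user304@example.com>", KEY_A)))
    print(book.can_send("user304@example.com"))
    try:
        book.ingest(sample_email("user304@example.com", KEY_B))
    except KeyChanged as exc:
        print("key change refused:", exc)
```

Pinning only detects a later substitution; the first key and the From address are still unauthenticated, so the fingerprint should be compared over a separate channel before the entry is trusted.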

While various embodiments of the present invention have been described 
above, it should be understood that they have been presented by way of example only, 
and not limitation. Thus, the breadth and scope of the present invention should not 
be limited by any of the above-described exemplary embodiments, but should be
defined only in accordance with the following claims and their equivalents. 

What is claimed is:

1. A method of distributing and initializing an encrypted electronic
mail (email) software application for exchanging secure email, comprising the
steps of:

obtaining by a first user a license for an email client software application
program having public/private encryption;

requesting by said first user that a second user download a 
reader/responder software application program in order to exchange encrypted 
email between said first user and said second user; 

downloading and installing said reader/responder software application
program by said second user;

sending an email by said second user to said first user including 
embedding an unencrypted public key by using a send key function of said 
reader/responder software application program; 

receiving said email from said second user by said first user, wherein said
unencrypted public key is embedded in said email;

responding by said first user by sending a second email to said first user, 
where said reader/responder software application program encrypts a message of 
said second email into an encrypted message using said unencrypted public key of 
said second user;

receiving said second email by said second user with said encrypted 
message as an attachment from said first user into a third party email software 
application program, wherein said third party email software application program 
is different from said reader/responder software application program and said 
email client software application program; and

opening by said second user said attachment to execute said 
reader/responder software application program operative to allow a user without 
said email client software to read and respond to encrypted email created and sent 
from a user having said email client software. 

2. The method according to claim 1, further comprising:
viewing by said second user said encrypted message using said
reader/responder software application program including decoding said encrypted
message using a private key for said second user. 



3. The method according to claim 1, further comprising: 

saving information about said first user into an address book database
along of said second using along with an unencrypted public key for said first user.

4. The method according to claim 1, further comprising: 
creating a new secure email including an encrypted message by said
second user to send to at least one of said first user and any other user of said
email client software application program to which said second user has emailed a
public key and from which said second user has received a response email.



5. The method according to claim 1, wherein said email client 
software application program uses at least 128-bit public/private encryption.

6. A data processing system operative to distribute and initialize an 
encrypted electronic mail (email) software application for exchanging secure 
email, comprising: 

a license module operative to obtain by a first user a license for an email
client software application program having public/private encryption;

a request module operative to request by said first user that a second user 
download a reader/responder software application program in order to exchange 
encrypted email between said first user and said second user; 

a download module operative to download and install said
reader/responder software application program by said second user;

a send module operative to send an email by said second user to said first 
user including a send key function module of said reader/responder software 
application program operative to embed an unencrypted public key; 

an email receiver module operative to receive said email from said second
user by said first user, wherein said unencrypted public key is embedded in said
email;

a response module operative to respond by said first user by sending a
second email to said first user, wherein said reader/responder software application
program includes an encryption module operative to encrypt a message of said
second email into an encrypted message using said unencrypted public key of said
second user;

a receipt module operative to receive said second email by said second user 
with said encrypted message as an attachment from said first user into a third party 
email software application program, wherein said third party email software 
application program is different from said reader/responder software application
program and said email client software application program; and

execution module operative to open by said second user said attachment to
execute said reader/responder software application program including a reader
responder module operative to allow a user without said email client software to
read and respond to encrypted email created and sent from a user having said
email client software.

7. A data processing system for distributing and initializing an 
encrypted electronic mail (email) software application for exchanging secure 
email, comprising: 

means for obtaining by a first user a license for an email client software
application program having public/private encryption;

means for requesting by said first user that a second user download a 
reader/responder software application program in order to exchange encrypted 
email between said first user and said second user; 

means for downloading and installing said reader/responder software
application program by said second user;

means for sending an email by said second user to said first user including 
means for embedding an unencrypted public key by using a send key function of 
said reader/responder software application program; 

means for receiving said email from said second user by said first user,
wherein said unencrypted public key is embedded in said email;

means for responding by said first user by sending a second email to said
first user, wherein said reader/responder software application program includes
means for encrypting a message of said second email into an encrypted message 
using said unencrypted public key of said second user; 

means for receiving said second email by said second user with said 
encrypted message as an attachment from said first user into a third party email
software application program, wherein said third party email software application 
program is different from said reader/responder software application program and 
said email client software application program; and 

means for opening by said second user said attachment to execute said
reader/responder software application program including means for allowing a
user without said email client software to read and respond to encrypted email 
created and sent from a user having said email client software. 

8. A computer program product embodied on a computer readable 
media having program logic stored thereon, said computer program product
operative to distribute and initialize an encrypted electronic mail (email) software
application for exchanging secure email, comprising: 

program code means for enabling a computer to obtain by a first user a 
license for an email client software application program having public/private 
encryption;

program code means for enabling the computer to request by said first user 
that a second user download a reader/responder software application program in 
order to exchange encrypted email between said first user and said second user; 

program code means for enabling the computer to download and install 
said reader/responder software application program by said second user;

program code means for enabling the computer to send an email by said 
second user to said first user including program code means for enabling the 
computer to embed an unencrypted public key by using a send key function of said 
reader/responder software application program; 

program code means for enabling the computer to receive said email from
said second user by said first user, wherein said unencrypted public key is
embedded in said email;

program code means for enabling the computer to respond by said first
user by sending a second email to said first user, wherein said reader/responder
software application program includes program code means for enabling the
computer to encrypt a message of said second email into an encrypted message
using said unencrypted public key of said second user;

program code means for enabling the computer to receive said second 
email by said second user with said encrypted message as an attachment from said 
first user into a third party email software application program, wherein said third 
party email software application program is different from said reader/responder 
software application program and said email client software application program;
and 

program code means for enabling the computer to open by said second user 
said attachment to execute said reader/responder software application program 
including program code means for enabling the computer to allow a user without 
said email client software to read and respond to encrypted email created and sent
from a user having said email client software. 

[Figure: send-key dialog of the reader/responder module. Visible text (beginning cut off): "wish to receive your Key. After the recipient receives your Key, he or she will be able to send you encrypted E-mail." Recipient address field; OK and Cancel buttons.]

[Figure: address book window listing one recipient; OK and Cancel buttons.]

[FIG. 12: flow diagram 1200, whose boxes repeat steps 1204 through 1224 as described above.]